# Contributor: Jake Buchholz Göktürk <tomalok@gmail.com>
# Maintainer: Jake Buchholz Göktürk <tomalok@gmail.com>

pkgname=containerd

# NOTE: containerd's Makefile tries to get REVISION from git, but we're building from a tarball.
_commit=10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
pkgver=1.6.6
pkgrel=0
pkgdesc="An open and reliable container runtime"
url="https://containerd.io/"
arch="all"
license="Apache-2.0"
depends="runc"
makedepends="btrfs-progs-dev go go-md2man libseccomp-dev"
subpackages="
	$pkgname-doc
	$pkgname-stress
	$pkgname-openrc
"
source="containerd-$pkgver.tar.gz::https://github.com/containerd/containerd/archive/v$pkgver.tar.gz
	containerd.confd
	containerd.initd
"
options="net"

# secfixes:
#   1.6.6-r0:
#     - CVE-2022-31030
#   1.6.2-r0:
#     - CVE-2022-24769
#   1.6.1-r0:
#     - CVE-2022-23648
#   1.5.9-r0:
#     - CVE-2021-43816
#   1.5.8-r0:
#     - CVE-2021-41190
#   1.5.7-r0:
#     - CVE-2021-41103
#   1.5.4-r0:
#     - CVE-2021-32760
#   1.4.4-r0:
#     - CVE-2021-21334
#   1.4.3-r0:
#     - CVE-2020-15257
#   1.3.3-r0:
#     - CVE-2019-19921
#     - CVE-2020-0601
#     - CVE-2020-7919
#     - CVE-2019-11253
#   1.3.1-r0:
#     - CVE-2019-17596
#   1.3.0-r0:
#     - CVE-2019-16884
#   1.2.9-r0:
#     - CVE-2019-9512
#     - CVE-2019-9514
#     - CVE-2019-9515
#   1.2.6-r0:
#     - CVE-2019-9946

export GOFLAGS="$GOFLAGS -modcacherw -mod=readonly"

build() {
	export GO111MODULE=on

	make VERSION="v$pkgver" REVISION="$_commit" BUILDMODE=pie \
		EXTRA_LDFLAGS="-s -w"
	make man
}

check() {
	./bin/containerd --version
}

package() {
	install -d "$pkgdir"/usr/bin/
	install -Dsm755 "$builddir"/bin/* "$pkgdir"/usr/bin/

	install -Dm755 "$srcdir"/$pkgname.initd \
		"$pkgdir"/etc/init.d/$pkgname
	install -Dm644 "$srcdir"/$pkgname.confd \
		"$pkgdir"/etc/conf.d/$pkgname

	install -d "$pkgdir"/usr/share/man/man5/
	install -Dm644 "$builddir"/man/*.5 "$pkgdir"/usr/share/man/man5/
	install -d "$pkgdir"/usr/share/man/man8/
	install -Dm644 "$builddir"/man/*.8 "$pkgdir"/usr/share/man/man8/
	install -d "$pkgdir"/etc/containerd/
	"$pkgdir"/usr/bin/containerd config default | sed "s|/opt/cni/bin|/usr/libexec/cni|g" > "$pkgdir"/etc/containerd/config.toml
}

stress() {
	pkgdesc="containerd-stress utility"
	amove usr/bin/containerd-stress
}

sha512sums="
f16f23384dbaa67075f2d35b7fc752938dd15601bbe3a919bc8eaa53fa1b2dea2e2d7f613a0f2f492910213dc2f7e96f0a1d38dde35bfb6d15f18167313f9817  containerd-1.6.6.tar.gz
21a9888b684913138ec4a342b0b69e40e9c773ecd329c4e2401a807365586468cb19035583a4fc8b0f86138f5ee4c7fb911c75495263e4b43d2886ea11e0e271  containerd.confd
2818cb9e062a6b75c5e2ad6a076eb26edc9fd9b70356b37f9306d082dc360a2d7bd802531afd8e73998cc0fdaa6ad34cd7a0a1d67bd98ee1bb7f30bab16d6084  containerd.initd
"
